Component | Requirements |
---|---|
Web browsers |
Desktop browsers:
Mobile device browsers:
|
Component | Requirements |
---|---|
Web browsers |
Desktop browsers:
Mobile device browsers:
|
Component | Requirements |
---|---|
Web management console |
Desktop browsers:
|
Platforms and versions follow.
You must license the VM with a Microsoft Windows license. We recommend using either the MAK or KMS method. Specific questions about licensing should be directed to your Sales Representative.
VMware Workstation version 13 or higher
One Identity Safeguard for Privileged Passwords supports a variety of platforms, including custom platforms.
The following table lists the platforms and versions that have been tested for SPP (SPP). Additional assets may be added to SPP. If you do not see a particular platform listed when adding an asset, use the Other, Other Managed, Other Directory, or Linux selection on the Management tab of the Asset dialog.
|
CAUTION: When linking your Safeguard for Privileged Sessions (SPS) deployment to your SPP (SPP) deployment, ensure that the SPS and SPP versions match exactly, and keep the versions synchronized during an upgrade. For example, you can only link SPS version 6.6 to SPP version 6.6, and if you upgrade SPS to version 6.7, you must also upgrade SPP to 6.7. Make sure that you do not mix Long Term Supported (LTS) and feature releases. For example, do not link an SPS version 6.0.1 to an SPP version 6.1. |
When One Identity Safeguard for Privileged Passwords (SPP) is linked with a Safeguard for Privileged Sessions (SPS) appliance, platforms are supported that use one of these protocols:
SPP 2.8 or lower: RDP, SSH
SPP 2.9 or higher: RDP, SSH, or Telnet
Some platforms may support more than one protocol. For example, a Linux (or Linux variation) platform supports both SSH and Telnet protocols.
Platform Name | Tested Versions |
Supports SPP |
Supports SPS Access |
---|---|---|---|
ACF2 - Mainframe |
ACF2 - Mainframe LDAP r14 zSeries ACF2 - Mainframe LDAP r15 zSeries |
True |
True |
ACF2 - Mainframe LDAP |
ACF2 - Mainframe LDAP r14 zSeries ACF2 - Mainframe LDAP r15 zSeries |
True |
False |
Active Directory |
Active Directory |
True |
False |
AIX |
AIX 7.2 AIX 7.3 |
True |
True |
Amazon Linux |
Amazon Linux 2 Amazon Linux 2022 Amazon Linux Other |
True |
True |
Amazon Web Services |
Amazon Web Services 1 |
True |
False |
CentOS Linux |
CentOS Linux 7 CentOS Linux 8 |
True |
True |
Check Point GAiA (SSH) |
Check Point GAiA (SSH) R80.30 Check Point GAiA (SSH) R81 |
True |
True |
Cisco ASA |
Cisco ASA 7.X Cisco ASA 8.X Cisco ASA 9.X |
True |
True |
Cisco IOS (510) |
Cisco IOS 12.X Cisco IOS 15.X Cisco IOS 16.X |
True |
True |
Cisco ISE |
Cisco ISE 2.7 Cisco ISE 3 |
True |
False |
Cisco ISE CLI |
Cisco ISE CLI 2.7 Cisco ISE CLI 3 |
True |
True |
Cisco NX-OS |
Cisco NX-OS 9.3(7) Cisco NX-OS 9.3(7a) |
True |
True |
Debian GNU/Linux |
Debian GNU/Linux 10 Debian GNU/Linux 11 Debian GNU/Linux 12 |
True |
True |
Dell iDRAC |
Dell iDRAC 8 Dell iDRAC 9 |
True |
True |
eDirectory LDAP |
eDirectory LDAP 9.0 |
True |
False |
ESXi |
ESXi 7.0 ESXi 8.0 |
True |
False |
F5 Big-IP |
F5 Big-IP 12.1.2 F5 Big-IP 13.0 F5 Big-IP 14.0 F5 Big-IP 15.0 |
True |
True |
Fedora |
Fedora 37 Fedora 38 |
True |
True |
Fortinet FortiOS |
Fortinet FortiOS 6.2 Fortinet FortiOS 6.4 Fortinet FortiOS 7.0 Fortinet FortiOS 7.2 Fortinet FortiOS 7.4 |
True |
True |
FreeBSD |
FreeBSD 12 FreeBSD 13 |
True |
True |
HP iLO |
HP iLO 4 HP iLO 5 HP iLO 6 |
True |
True |
HP iLO MP |
HP iLO MP 2 HP iLO MP 3 |
True |
True |
HP-UX |
HP-UX 11iv3 (B.11.31) |
True |
True |
IBM i |
IBM i 7.3 IBM i 7.4 |
True |
True |
Junos - Juniper Networks |
Junos - Juniper Networks 19 Junos - Juniper Networks 20 Junos - Juniper Networks 21 Junos - Juniper Networks 22 |
True |
True |
LDAP |
OpenLDAP 2.4 |
True |
False |
Linux |
|
True |
True |
macOS |
macOS 11 macOS 12 macOS 13 |
True |
True |
MongoDB |
MongoDB 4.4 MongoDB 5.0 MongoDB 6.0 |
True |
False |
MySQL |
MySQL 5.7 MySQL 8.0 MySQL 8.1 |
True |
False |
Oracle |
Oracle 19c Oracle 21c |
True |
False |
Oracle Linux (OL) |
Oracle Linux (OL) 7 Oracle Linux (OL) 8 Oracle Linux (OL) 9 |
True |
True |
Other |
|
False |
False |
Other Directory |
|
True |
False |
Other Managed |
|
True |
False |
PAN-OS |
PAN-OS 9.1 PAN-OS 10.1 PAN-OS 10.2 |
True |
True |
PostgreSQL |
PostgreSQL 11 PostgreSQL 12 PostgreSQL 13 PostgreSQL 14 PostgreSQL 15 |
True |
False |
RACF - Mainframe |
RACF - Mainframe z/OS V2.1 Security Server zSeries RACF - Mainframe z/OS V2.2 Security Server zSeries RACF - Mainframe z/OS V2.3 Security Server zSeries |
True |
True |
RACF - RACF - Mainframe LDAP |
RACF - Mainframe LDAP z/OS V2.1 Security Server zSeries RACF - RACF - Mainframe LDAP z/OS V2.2 Security Server zSeries RACF - RACF - Mainframe LDAP z/OS V2.3 Security Server zSeries |
True |
False |
Red Hat Enterprise Linux (RHEL) |
Red Hat Enterprise Linux (RHEL) 7 Red Hat Enterprise Linux (RHEL) 8 Red Hat Enterprise Linux (RHEL) 9 |
True |
True |
Red Hat Directory Server |
Red Hat Directory Server 11 Red Hat Directory Server 12 |
True |
False |
SAP HANA |
SAP HANA SAP HANA 2 |
True |
False |
SAP Netweaver Application Server |
SAP Netweaver Application Server 7.5 |
True |
False |
Safeguard for Privileged Sessions |
Safeguard for Privileged Sessions 7.0 |
True |
True |
Solaris |
Solaris 10 Solaris 11.3 Solaris 11.4 |
True |
True |
SonicOS |
SonicOS 6.5 SonicOS 7 SonicOSX 7 |
True |
False |
SonicWALL SMA or CMS |
SonicWALL SMA or CMS 11.3.0 |
True |
False |
SQL Server |
SQL Server 2012 SQL Server 2014 SQL Server 2016 SQL Server 2017 SQL Server 2019 SQL Server 2022 |
True |
False |
SUSE Linux Enterprise Server (SLES) |
SUSE Linux Enterprise Server (SLES) 12 SUSE Linux Enterprise Server (SLES) 15 |
True |
True |
Sybase (Adaptive Server Enterprise) |
Sybase (Adaptive Server Enterprise) 15.7 Sybase (Adaptive Server Enterprise) 16 Sybase (Adaptive Server Enterprise) 17 |
True |
False |
Top Secret - Mainframe |
Top Secret - Mainframe r14 zSeries Top Secret - Mainframe r15 zSeries Top Secret - Mainframe r16 zSeries |
True |
False |
Top Secret - Mainframe LDAP |
Top Secret - Mainframe LDAP r14 Top Secret - Mainframe LDAP r15 Top Secret - Mainframe LDAP r16 |
True |
True |
Ubuntu |
Ubuntu 18.04 LTS Ubuntu 22.04 LTS Ubuntu 22.10 Ubuntu 23.04 |
True |
True |
VMware vCenter Server |
VMware vCenter Server 6.7 VMware vCenter Server 7.0 |
True |
True |
Windows Desktop Windows Desktop (SSH) Windows Desktop (WinRM) Windows Server Windows Server (SSH) Windows Server (WinRM) |
Windows (SSH) 10 Windows (SSH) 11 Windows (SSH) Server 2012 Windows (SSH) Server 2012 R2 Windows (SSH) Server 2016 Windows (SSH) Server 2019 Windows (SSH) Server 2022 Windows 10 Windows 11 Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows Server 2019 Windows Server 2022 |
True |
True |
Platform Name | Platform Version |
---|---|
Microsoft Active Directory |
Windows 2008+ DFL/FFL |
LDAP |
2.4 |
For all supported platforms, it is assume that you are applying the latest updates. For unpatched versions of supported platforms, Support will investigate and assist on a case by case basis but it may be necessary for you to upgrade the platform or use SPP's custom platform feature.
IMPORTANT: For the current list of platforms supported by Connect for Safeguard Assets, see the Connect for Safeguard Assets User Guide.
The following example platform scripts are available:
For more information, see
Sample custom platform scripts and command details are available at the following links available from the Safeguard Custom Platform Home wiki on GitHub:
Command-Reference:
https://github.com/OneIdentity/SafeguardCustomPlatform/wiki/Command-Reference
Writing a custom platform script:
https://github.com/OneIdentity/SafeguardCustomPlatform/wiki/WritingACustomPlatformScript
Example platform scripts are available at this location:
https://github.com/OneIdentity/SafeguardCustomPlatform/tree/master/SampleScripts
|
CAUTION: Example scripts are provided for information only. Updates, error checking, and testing are required before using them in production. SPP checks to ensure the values match the type of the property that include a string, boolean, integer, or password (which is called secret in the API scripts). SPP cannot check the validity or system impact of values entered for custom platforms. |
As a SPP user, if you get an "appliance is unlicensed" notification, contact your Appliance Administrator.
The One Identity Safeguard for Privileged Passwords
You must install a valid license. Once the module is installed, SPP shows a license state of Licensed and is operational. If the module license is not installed, you have limited functionality. That is, even though you will be able to configure access requests, if a Privileged Passwords module license is not installed, you will not be able to request a password release.
You must license the virtual appliance with a Microsoft Windows license. We recommend using either the MAK or KMS method. Specific questions about licensing should be directed to your Sales Representative. The virtual appliance will not function unless the operating system is properly licensed.
To enter licensing information when you first log in
The first time you log in as the Appliance Administrator, you are prompted to add a license. The Success dialog displays when the license is added.
On the virtual appliance, the license is added as part of Initial Setup.
IMPORTANT: After successfully adding a license, the Software Transaction Agreement will be displayed and must be read and accepted in order to use SPP.
To configure reminders for license expiration
To avoid disruptions in the use of SPP, the Appliance Administrator must configure the SMTP server, and define email templates for the License Expired and the License Expiring Soon event types. This ensures you will be notified of an approaching expiration date.
Users are instructed to contact their Appliance Administrator if they get an "appliance is unlicensed" notification.
As an Appliance Administrator, if you receive a "license expiring" notification, apply a new license.
To update the licensing file
Safeguard licenses can be updated both on hardware and virtual machines, whereas OS licenses can be updated only on virtual machines.
To perform licensing activities
Navigate to Appliance Management > Appliance > Licensing.
To upload a new license file, click Upload new license file and browse to select the current license file. The Software Transaction Agreement will also be displayed during this process and must be read and accepted in order to complete the licensing process.
To remove the license file, select the license and click Remove selected license.
To get more information on the license and to export license data, click the What do these numbers mean? button, or click on the numbers in the tile.
If you want to export data about users, desktops or systems in CSV or JSON format, navigate to the table from which you want to export data by clicking the corresponding tab, for example Users Used.
Click the export icon located on the table. For more information on exporting, see Exporting data.
Below is the list of the available tabs.
For device-based licenses:
General
Desktops Used
Other Desktops
Systems Used
Other Systems
History
For user-based licenses:
General
Users Used
Password Vault Only
Other Users
History
The General tab, contains general information about the license:
License usage and consumption
Counts of all managed and unmanaged components
How licenses are counted
License Number
License Type
Expiration Date
Product Version
Date Added
Added By
© 2024 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center